Fujitsu Warns that European Companies are too Slack in Preventing Cybercrime

Fujitsu EMEIA

Unprotected channels into critical systems, banking and smart cities among the most likely targets for cybercriminals this year

Artificial Intelligence likely to be game changing for cybersecurity and cybercriminals alike

Greatest risk remains poor IT processes, which will continue to cause avoidable breaches

Munich, February 16, 2017
– European businesses must be more vigilant in taking steps to prevent cybercrime from disrupting their essential operations, warns Fujitsu. In its 2017 Threat Predictions report¹, published today, the Fujitsu Security Operations Center² identifies 10 of the greatest security risks to enterprises. These include failing to keep up with basic IT security processes. Further high risks are attacks on banking applications and smart cities.

Based on real-world intelligence in monitoring ongoing security threats, Fujitsu has identified that the most significant cyber threat - the failure to keep up with basic IT security processes - is also the easiest to remedy. Fujitsu security researchers believe that lax security will continue to lead to easily avoidable breaches, noting: “An amazing number of businesses don’t carry out the simple – yet vital – housekeeping tasks that cut down on risks.”

According to the report, immediate measures that all businesses can take to better protect themselves include more effective vulnerability patching, and ensuring that only current users have access to critical systems. What’s more, many organizations are too generous when it comes to system access privileges for regular users. As a consequence, Fujitsu says that companies are “needlessly vulnerable to data loss, data theft or external disruption of their systems”.

One particular weakness identified by the Fujitsu security experts relates to encrypted channels that provide external access to the heart of critical computing systems. These are designed to give remote workers easier access to networks, but when taken over by a cybercriminal, can mean that nefarious activities are largely undetectable. This is due to what Fujitsu describes as “a blind spot, with attacks over encrypted channels being missed due to the lack of SSL inspection capabilities”.

Companies should also be more vigilant in managing banking applications, another hot favorite for criminals. Fujitsu predicts that 2017 will see more attacks to banking payment systems, and expects further growth in banking Trojans targeting older, more vulnerable back office applications. Although international banking networks are moving to establish mandatory controls, Fujitsu states that it “still presents a window of opportunity for cybercriminals”.

Smart cities will also find themselves targeted – with Fujitsu security experts commenting that “many of the protocols designed for smart connected devices have their own potential flaws and vulnerabilities”. Implications could include allowing hackers to disable smart lighting grids in entire cities, Fujitsu warns.

The state-of-the-art Fujitsu Security Operations Center (SOC) – which protects customers by detecting, analyzing and neutralizing threats – also foresees that the increased use of Artificial Intelligence (AI) and machine learning capabilities will become game changers in enterprise security. AI can immediately identify anomalies, for example in web traffic patterns. Such early warning systems allow security professionals to take a proactive approach to risk mitigation, aiming to eliminate threats before they become problems. However, the report cautions that cybercriminals will also be turning to these technologies to launch previously unseen types of attack.

Rob Norris, VP and Head of Enterprise Cybersecurity at Fujitsu in EMEIA, comments: “Every move to tightening up cybersecurity means an exponential decrease in vulnerability. Many organizations have not yet fully realized that when you depend on computing to run your business, then being offline essentially means being out of business. It’s not only financial risk but also the cost of damage to your reputation from data loss and theft. Our new report highlights some easy steps that any organization can take to ensure they are not needlessly exposed to data loss, data theft or external disruption of their systems.”

About Fujitsu EMEIA

Fujitsu promotes a Human Centric Intelligent Society, in which innovation is driven by the integration of people, information and infrastructure. In the Europe, Middle East, Africa and India region (EMEIA), our 28,000-strong workforce is committed to Digital Co-creation, blending business expertise with digital technology and creating new value with ecosystem partners and customers. We enable our customers to digitally transform with connected technology services, focused on Artificial Intelligence, the Internet of Things, and Cloud - all underpinned by Cyber Security. For more information, please visit http://www.fujitsu.com/fts/about/

All other company or product names mentioned herein are trademarks or registered trademarks of their respective owners. Information provided in this press release is accurate at time of publication and is subject to change without advance notice.